diff --git a/spring-security/step-1/ReadMe.md b/spring-security/ReadMe.md
similarity index 85%
rename from spring-security/step-1/ReadMe.md
rename to spring-security/ReadMe.md
index afe6132..fa762f8 100644
--- a/spring-security/step-1/ReadMe.md
+++ b/spring-security/ReadMe.md
@@ -293,4 +293,51 @@ public class CustomUserDetailsService implements UserDetailsService {
 .build();
 }
 }
+```
+
+## 当前用户登录信息
+
+用户的信息都保存在`SecurityContextHolder.getContext()`的上下文中。
+
+```java
+/**
+ * 获取当前认证用户的基本信息
+ * 使用Spring Security的SecurityContextHolder获取当前认证信息
+ */
+@Operation(summary = "当前用户的信息", description = "当前用户的信息")
+@GetMapping("/current-user")
+public Authentication getCurrentUser() {
+ // 从SecurityContextHolder获取当前认证对象
+ Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+ // 打印当前用户名和权限信息到控制台(用于调试)
+ System.out.println("Current user: " + auth.getName());
+ System.out.println("Authorities: " + auth.getAuthorities());
+
+ // 返回完整的认证对象
+ return auth;
+}
+
+/**
+ * 获取当前用户的详细信息
+ * 从认证主体中提取UserDetails信息
+ */
+@Operation(summary = "获取用户详情", description = "获取用户详情")
+@GetMapping("user-detail")
+public UserDetails getCurrentUserDetail() {
+ // 从SecurityContextHolder获取当前认证对象
+ Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+
+ // 获取认证主体(principal)
+ Object principal = auth.getPrincipal();
+
+ // 检查主体是否是UserDetails实例
+ if (principal instanceof UserDetails) {
+ // 如果是,则转换为UserDetails并返回
+ return (UserDetails) principal;
+ } else {
+ // 如果不是UserDetails类型,返回null
+ return null;
+ }
+}
 ```
\ No newline at end of file
diff --git a/spring-security/step-2/ReadMe.md b/spring-security/step-2/ReadMe.md
deleted file mode 100644
index e69de29..0000000
diff --git a/spring-security/step-2/src/main/java/com/spring/step2/controller/CheckController.java b/spring-security/step-2/src/main/java/com/spring/step2/controller/CheckController.java
index 85c3108..ea7dae0 100644
--- a/spring-security/step-2/src/main/java/com/spring/step2/controller/CheckController.java
+++ b/spring-security/step-2/src/main/java/com/spring/step2/controller/CheckController.java
@@ -1,8 +1,10 @@
 package com.spring.step2.controller;
+import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -12,6 +14,7 @@ import org.springframework.web.bind.annotation.RestController;
 @RequestMapping("/api/security")
 public class CheckController {
+ @Operation(summary = "当前用户的信息", description = "当前用户的信息")
 @GetMapping("/current-user")
 public Authentication getCurrentUser() {
 Authentication auth = SecurityContextHolder.getContext().getAuthentication();
@@ -20,4 +23,17 @@ public class CheckController {
 return auth;
 }
+ @Operation(summary = "获取用户详情", description = "获取用户详情")
+ @GetMapping("user-detail")
+ public UserDetails getCurrentUserDetail() {
+ Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+ Object principal = auth.getPrincipal();
+
+ if (principal instanceof UserDetails) {
+ return (UserDetails) principal;
+ } else {
+ return null;
+ }
+ }
+
 }
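Review bot: `getCurrentUserDetail()` in the last hunk hands the live `UserDetails` principal to the response serializer, so every getter on whatever implementation the user service builds, including `getPassword()` and the account-state flags, becomes part of the response body; whether the password is already blanked by then depends on that implementation supporting credential erasure, which the hunk does not show. Return a narrow view holding only the fields the client needs, as sketched below. `auth` is also dereferenced without a null check, and a principal that is not a `UserDetails` (for example an anonymous request, if the security configuration lets one reach this path) gets `null` with a 200 instead of a 401. `getCurrentUser()` in the previous hunk returns the whole `Authentication` and deserves the same treatment.

```java
@GetMapping("user-detail")
public Map<String, Object> getCurrentUserDetail() {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    // Reject missing or non-UserDetails principals explicitly instead of answering 200 with an empty body.
    if (auth == null || !(auth.getPrincipal() instanceof UserDetails)) {
        throw new ResponseStatusException(HttpStatus.UNAUTHORIZED);
    }
    UserDetails user = (UserDetails) auth.getPrincipal();
    // Expose only what the client needs; the credential and account-state getters stay server-side.
    return Map.of("username", user.getUsername(), "authorities", user.getAuthorities());
}
```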